[horde] "Error: User is not authorized for imp" with PHP 5.6
Andy Dorman
adorman at ironicdesign.com
Fri Jun 6 22:21:12 UTC 2014
On 06/06/2014 01:59 PM, Mauricio Jose T. Tecles wrote:
> Just a hint, I don't know if this is the problem. I cote from a recent
> Debian Wheezy PHP update:
> "php5 (5.4.4-14+deb7u9) stable; urgency=medium
>
> * The default PHP FPM socket permission has been changed from 0666
> to 0660 to mitigate security vulnerability (CVE-2014-0185) in PHP
> FPM that allowed any local user to run a PHP code under the active
> user of FPM process via crafted FastCGI client.
>
> The default Debian setup now correctly sets the listen.owner and
> listen.group to www-data:www-data in default php-fpm.conf. If you
> have more FPM instances or a webserver not running under www-data
> user you need to adjust the configuration of FPM pools in
> /etc/php5/fpm/pool.d/ so the accessing process has rights to
> access the socket.
>
> -- Ondrej Surý <ondrej at debian.org> Mon, 12 May 2014 14:23:05 +0200"
>
> Mauricio
>
Thanks but I updated our php-fpm configs to deal with the PHP FPM socket
default changes about 6 months ago.
Also, if socket communication was the issue then nginx could not
communicate with php-fpm at all and I would be seeing a "Bad Gateway"
error when I go to the site.
I think Michael is correct and I need to revert PHP back to 5.5 until
the bugs are worked out of 5.6.
This is why you always test upgrades first on a development server. ;-)
Thanks everyone and have a great weekend.
--
Andy Dorman
More information about the horde
mailing list